[S390] move crypto options and some cleanup.

+60

arch/s390/crypto/Kconfig

··· 1 + config CRYPTO_SHA1_S390 2 + tristate "SHA1 digest algorithm" 3 + depends on S390 4 + select CRYPTO_ALGAPI 5 + help 6 + This is the s390 hardware accelerated implementation of the 7 + SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). 8 + 9 + config CRYPTO_SHA256_S390 10 + tristate "SHA256 digest algorithm" 11 + depends on S390 12 + select CRYPTO_ALGAPI 13 + help 14 + This is the s390 hardware accelerated implementation of the 15 + SHA256 secure hash standard (DFIPS 180-2). 16 + 17 + This version of SHA implements a 256 bit hash with 128 bits of 18 + security against collision attacks. 19 + 20 + config CRYPTO_DES_S390 21 + tristate "DES and Triple DES cipher algorithms" 22 + depends on S390 23 + select CRYPTO_ALGAPI 24 + select CRYPTO_BLKCIPHER 25 + help 26 + This us the s390 hardware accelerated implementation of the 27 + DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). 28 + 29 + config CRYPTO_AES_S390 30 + tristate "AES cipher algorithms" 31 + depends on S390 32 + select CRYPTO_ALGAPI 33 + select CRYPTO_BLKCIPHER 34 + help 35 + This is the s390 hardware accelerated implementation of the 36 + AES cipher algorithms (FIPS-197). AES uses the Rijndael 37 + algorithm. 38 + 39 + Rijndael appears to be consistently a very good performer in 40 + both hardware and software across a wide range of computing 41 + environments regardless of its use in feedback or non-feedback 42 + modes. Its key setup time is excellent, and its key agility is 43 + good. Rijndael's very low memory requirements make it very well 44 + suited for restricted-space environments, in which it also 45 + demonstrates excellent performance. Rijndael's operations are 46 + among the easiest to defend against power and timing attacks. 47 + 48 + On s390 the System z9-109 currently only supports the key size 49 + of 128 bit. 50 + 51 + config S390_PRNG 52 + tristate "Pseudo random number generator device driver" 53 + depends on S390 54 + default "m" 55 + help 56 + Select this option if you want to use the s390 pseudo random number 57 + generator. The PRNG is part of the cryptograhic processor functions 58 + and uses triple-DES to generate secure random numbers like the 59 + ANSI X9.17 standard. The PRNG is usable via the char device 60 + /dev/prandom.

-2

arch/s390/crypto/Makefile

··· 6 6 obj-$(CONFIG_CRYPTO_SHA256_S390) += sha256_s390.o 7 7 obj-$(CONFIG_CRYPTO_DES_S390) += des_s390.o des_check_key.o 8 8 obj-$(CONFIG_CRYPTO_AES_S390) += aes_s390.o 9 - 10 - obj-$(CONFIG_CRYPTO_TEST) += crypt_s390_query.o

+23 -24

arch/s390/crypto/aes_s390.c

··· 4 4 * s390 implementation of the AES Cipher Algorithm. 5 5 * 6 6 * s390 Version: 7 - * Copyright (C) 2005 IBM Deutschland GmbH, IBM Corporation 7 + * Copyright IBM Corp. 2005,2007 8 8 * Author(s): Jan Glauber (jang@de.ibm.com) 9 9 * 10 10 * Derived from "crypto/aes.c" ··· 27 27 /* data block size for all key lengths */ 28 28 #define AES_BLOCK_SIZE 16 29 29 30 - static int has_aes_128 = 0; 31 - static int has_aes_192 = 0; 32 - static int has_aes_256 = 0; 30 + #define AES_KEYLEN_128 1 31 + #define AES_KEYLEN_192 2 32 + #define AES_KEYLEN_256 4 33 + 34 + static char keylen_flag = 0; 33 35 34 36 struct s390_aes_ctx { 35 37 u8 iv[AES_BLOCK_SIZE]; ··· 49 47 50 48 switch (key_len) { 51 49 case 16: 52 - if (!has_aes_128) 50 + if (!(keylen_flag & AES_KEYLEN_128)) 53 51 goto fail; 54 52 break; 55 53 case 24: 56 - if (!has_aes_192) 54 + if (!(keylen_flag & AES_KEYLEN_192)) 57 55 goto fail; 58 56 59 57 break; 60 58 case 32: 61 - if (!has_aes_256) 59 + if (!(keylen_flag & AES_KEYLEN_256)) 62 60 goto fail; 63 61 break; 64 62 default: 65 - /* invalid key length */ 66 63 goto fail; 67 64 break; 68 65 } ··· 323 322 int ret; 324 323 325 324 if (crypt_s390_func_available(KM_AES_128_ENCRYPT)) 326 - has_aes_128 = 1; 325 + keylen_flag |= AES_KEYLEN_128; 327 326 if (crypt_s390_func_available(KM_AES_192_ENCRYPT)) 328 - has_aes_192 = 1; 327 + keylen_flag |= AES_KEYLEN_192; 329 328 if (crypt_s390_func_available(KM_AES_256_ENCRYPT)) 330 - has_aes_256 = 1; 329 + keylen_flag |= AES_KEYLEN_256; 331 330 332 - if (!has_aes_128 && !has_aes_192 && !has_aes_256) 333 - return -ENOSYS; 331 + if (!keylen_flag) 332 + return -EOPNOTSUPP; 333 + 334 + /* z9 109 and z9 BC/EC only support 128 bit key length */ 335 + if (keylen_flag == AES_KEYLEN_128) 336 + printk(KERN_INFO 337 + "aes_s390: hardware acceleration only available for" 338 + "128 bit keys\n"); 334 339 335 340 ret = crypto_register_alg(&aes_alg); 336 - if (ret != 0) { 337 - printk(KERN_INFO "crypt_s390: aes-s390 couldn't be loaded.\n"); 341 + if (ret) 338 342 goto aes_err; 339 - } 340 343 341 344 ret = crypto_register_alg(&ecb_aes_alg); 342 - if (ret != 0) { 343 - printk(KERN_INFO 344 - "crypt_s390: ecb-aes-s390 couldn't be loaded.\n"); 345 + if (ret) 345 346 goto ecb_aes_err; 346 - } 347 347 348 348 ret = crypto_register_alg(&cbc_aes_alg); 349 - if (ret != 0) { 350 - printk(KERN_INFO 351 - "crypt_s390: cbc-aes-s390 couldn't be loaded.\n"); 349 + if (ret) 352 350 goto cbc_aes_err; 353 - } 354 351 355 352 out: 356 353 return ret;

+206 -210

arch/s390/crypto/crypt_s390.h

··· 3 3 * 4 4 * Support for s390 cryptographic instructions. 5 5 * 6 - * Copyright (C) 2003 IBM Deutschland GmbH, IBM Corporation 7 - * Author(s): Thomas Spatzier (tspat@de.ibm.com) 6 + * Copyright IBM Corp. 2003,2007 7 + * Author(s): Thomas Spatzier 8 + * Jan Glauber (jan.glauber@de.ibm.com) 8 9 * 9 10 * This program is free software; you can redistribute it and/or modify it 10 11 * under the terms of the GNU General Public License as published by the Free ··· 33 32 CRYPT_S390_KMAC = 0x0500 34 33 }; 35 34 36 - /* function codes for KM (CIPHER MESSAGE) instruction 35 + /* 36 + * function codes for KM (CIPHER MESSAGE) instruction 37 37 * 0x80 is the decipher modifier bit 38 38 */ 39 39 enum crypt_s390_km_func { ··· 53 51 KM_AES_256_DECRYPT = CRYPT_S390_KM | 0x14 | 0x80, 54 52 }; 55 53 56 - /* function codes for KMC (CIPHER MESSAGE WITH CHAINING) 54 + /* 55 + * function codes for KMC (CIPHER MESSAGE WITH CHAINING) 57 56 * instruction 58 57 */ 59 58 enum crypt_s390_kmc_func { ··· 73 70 KMC_AES_256_DECRYPT = CRYPT_S390_KMC | 0x14 | 0x80, 74 71 }; 75 72 76 - /* function codes for KIMD (COMPUTE INTERMEDIATE MESSAGE DIGEST) 73 + /* 74 + * function codes for KIMD (COMPUTE INTERMEDIATE MESSAGE DIGEST) 77 75 * instruction 78 76 */ 79 77 enum crypt_s390_kimd_func { ··· 83 79 KIMD_SHA_256 = CRYPT_S390_KIMD | 2, 84 80 }; 85 81 86 - /* function codes for KLMD (COMPUTE LAST MESSAGE DIGEST) 82 + /* 83 + * function codes for KLMD (COMPUTE LAST MESSAGE DIGEST) 87 84 * instruction 88 85 */ 89 86 enum crypt_s390_klmd_func { ··· 93 88 KLMD_SHA_256 = CRYPT_S390_KLMD | 2, 94 89 }; 95 90 96 - /* function codes for KMAC (COMPUTE MESSAGE AUTHENTICATION CODE) 91 + /* 92 + * function codes for KMAC (COMPUTE MESSAGE AUTHENTICATION CODE) 97 93 * instruction 98 94 */ 99 95 enum crypt_s390_kmac_func { ··· 104 98 KMAC_TDEA_192 = CRYPT_S390_KMAC | 3 105 99 }; 106 100 107 - /* status word for s390 crypto instructions' QUERY functions */ 108 - struct crypt_s390_query_status { 109 - u64 high; 110 - u64 low; 111 - }; 112 - 113 - /* 101 + /** 102 + * crypt_s390_km: 103 + * @func: the function code passed to KM; see crypt_s390_km_func 104 + * @param: address of parameter block; see POP for details on each func 105 + * @dest: address of destination memory area 106 + * @src: address of source memory area 107 + * @src_len: length of src operand in bytes 108 + * 114 109 * Executes the KM (CIPHER MESSAGE) operation of the CPU. 115 - * @param func: the function code passed to KM; see crypt_s390_km_func 116 - * @param param: address of parameter block; see POP for details on each func 117 - * @param dest: address of destination memory area 118 - * @param src: address of source memory area 119 - * @param src_len: length of src operand in bytes 120 - * @returns < zero for failure, 0 for the query func, number of processed bytes 121 - * for encryption/decryption funcs 110 + * 111 + * Returns -1 for failure, 0 for the query func, number of processed 112 + * bytes for encryption/decryption funcs 122 113 */ 123 - static inline int 124 - crypt_s390_km(long func, void* param, u8* dest, const u8* src, long src_len) 114 + static inline int crypt_s390_km(long func, void *param, 115 + u8 *dest, const u8 *src, long src_len) 125 116 { 126 117 register long __func asm("0") = func & CRYPT_S390_FUNC_MASK; 127 - register void* __param asm("1") = param; 128 - register const u8* __src asm("2") = src; 118 + register void *__param asm("1") = param; 119 + register const u8 *__src asm("2") = src; 129 120 register long __src_len asm("3") = src_len; 130 - register u8* __dest asm("4") = dest; 121 + register u8 *__dest asm("4") = dest; 131 122 int ret; 132 123 133 124 asm volatile( 134 125 "0: .insn rre,0xb92e0000,%3,%1 \n" /* KM opcode */ 135 126 "1: brc 1,0b \n" /* handle partial completion */ 136 - " ahi %0,%h7\n" 137 - "2: ahi %0,%h8\n" 138 - "3:\n" 139 - EX_TABLE(0b,3b) EX_TABLE(1b,2b) 127 + " la %0,0\n" 128 + "2:\n" 129 + EX_TABLE(0b,2b) EX_TABLE(1b,2b) 140 130 : "=d" (ret), "+a" (__src), "+d" (__src_len), "+a" (__dest) 141 - : "d" (__func), "a" (__param), "0" (-EFAULT), 142 - "K" (ENOSYS), "K" (-ENOSYS + EFAULT) : "cc", "memory"); 143 - if (ret < 0) 144 - return ret; 145 - return (func & CRYPT_S390_FUNC_MASK) ? src_len - __src_len : __src_len; 146 - } 147 - 148 - /* 149 - * Executes the KMC (CIPHER MESSAGE WITH CHAINING) operation of the CPU. 150 - * @param func: the function code passed to KM; see crypt_s390_kmc_func 151 - * @param param: address of parameter block; see POP for details on each func 152 - * @param dest: address of destination memory area 153 - * @param src: address of source memory area 154 - * @param src_len: length of src operand in bytes 155 - * @returns < zero for failure, 0 for the query func, number of processed bytes 156 - * for encryption/decryption funcs 157 - */ 158 - static inline int 159 - crypt_s390_kmc(long func, void* param, u8* dest, const u8* src, long src_len) 160 - { 161 - register long __func asm("0") = func & CRYPT_S390_FUNC_MASK; 162 - register void* __param asm("1") = param; 163 - register const u8* __src asm("2") = src; 164 - register long __src_len asm("3") = src_len; 165 - register u8* __dest asm("4") = dest; 166 - int ret; 167 - 168 - asm volatile( 169 - "0: .insn rre,0xb92f0000,%3,%1 \n" /* KMC opcode */ 170 - "1: brc 1,0b \n" /* handle partial completion */ 171 - " ahi %0,%h7\n" 172 - "2: ahi %0,%h8\n" 173 - "3:\n" 174 - EX_TABLE(0b,3b) EX_TABLE(1b,2b) 175 - : "=d" (ret), "+a" (__src), "+d" (__src_len), "+a" (__dest) 176 - : "d" (__func), "a" (__param), "0" (-EFAULT), 177 - "K" (ENOSYS), "K" (-ENOSYS + EFAULT) : "cc", "memory"); 178 - if (ret < 0) 179 - return ret; 180 - return (func & CRYPT_S390_FUNC_MASK) ? src_len - __src_len : __src_len; 181 - } 182 - 183 - /* 184 - * Executes the KIMD (COMPUTE INTERMEDIATE MESSAGE DIGEST) operation 185 - * of the CPU. 186 - * @param func: the function code passed to KM; see crypt_s390_kimd_func 187 - * @param param: address of parameter block; see POP for details on each func 188 - * @param src: address of source memory area 189 - * @param src_len: length of src operand in bytes 190 - * @returns < zero for failure, 0 for the query func, number of processed bytes 191 - * for digest funcs 192 - */ 193 - static inline int 194 - crypt_s390_kimd(long func, void* param, const u8* src, long src_len) 195 - { 196 - register long __func asm("0") = func & CRYPT_S390_FUNC_MASK; 197 - register void* __param asm("1") = param; 198 - register const u8* __src asm("2") = src; 199 - register long __src_len asm("3") = src_len; 200 - int ret; 201 - 202 - asm volatile( 203 - "0: .insn rre,0xb93e0000,%1,%1 \n" /* KIMD opcode */ 204 - "1: brc 1,0b \n" /* handle partial completion */ 205 - " ahi %0,%h6\n" 206 - "2: ahi %0,%h7\n" 207 - "3:\n" 208 - EX_TABLE(0b,3b) EX_TABLE(1b,2b) 209 - : "=d" (ret), "+a" (__src), "+d" (__src_len) 210 - : "d" (__func), "a" (__param), "0" (-EFAULT), 211 - "K" (ENOSYS), "K" (-ENOSYS + EFAULT) : "cc", "memory"); 212 - if (ret < 0) 213 - return ret; 214 - return (func & CRYPT_S390_FUNC_MASK) ? src_len - __src_len : __src_len; 215 - } 216 - 217 - /* 218 - * Executes the KLMD (COMPUTE LAST MESSAGE DIGEST) operation of the CPU. 219 - * @param func: the function code passed to KM; see crypt_s390_klmd_func 220 - * @param param: address of parameter block; see POP for details on each func 221 - * @param src: address of source memory area 222 - * @param src_len: length of src operand in bytes 223 - * @returns < zero for failure, 0 for the query func, number of processed bytes 224 - * for digest funcs 225 - */ 226 - static inline int 227 - crypt_s390_klmd(long func, void* param, const u8* src, long src_len) 228 - { 229 - register long __func asm("0") = func & CRYPT_S390_FUNC_MASK; 230 - register void* __param asm("1") = param; 231 - register const u8* __src asm("2") = src; 232 - register long __src_len asm("3") = src_len; 233 - int ret; 234 - 235 - asm volatile( 236 - "0: .insn rre,0xb93f0000,%1,%1 \n" /* KLMD opcode */ 237 - "1: brc 1,0b \n" /* handle partial completion */ 238 - " ahi %0,%h6\n" 239 - "2: ahi %0,%h7\n" 240 - "3:\n" 241 - EX_TABLE(0b,3b) EX_TABLE(1b,2b) 242 - : "=d" (ret), "+a" (__src), "+d" (__src_len) 243 - : "d" (__func), "a" (__param), "0" (-EFAULT), 244 - "K" (ENOSYS), "K" (-ENOSYS + EFAULT) : "cc", "memory"); 245 - if (ret < 0) 246 - return ret; 247 - return (func & CRYPT_S390_FUNC_MASK) ? src_len - __src_len : __src_len; 248 - } 249 - 250 - /* 251 - * Executes the KMAC (COMPUTE MESSAGE AUTHENTICATION CODE) operation 252 - * of the CPU. 253 - * @param func: the function code passed to KM; see crypt_s390_klmd_func 254 - * @param param: address of parameter block; see POP for details on each func 255 - * @param src: address of source memory area 256 - * @param src_len: length of src operand in bytes 257 - * @returns < zero for failure, 0 for the query func, number of processed bytes 258 - * for digest funcs 259 - */ 260 - static inline int 261 - crypt_s390_kmac(long func, void* param, const u8* src, long src_len) 262 - { 263 - register long __func asm("0") = func & CRYPT_S390_FUNC_MASK; 264 - register void* __param asm("1") = param; 265 - register const u8* __src asm("2") = src; 266 - register long __src_len asm("3") = src_len; 267 - int ret; 268 - 269 - asm volatile( 270 - "0: .insn rre,0xb91e0000,%1,%1 \n" /* KLAC opcode */ 271 - "1: brc 1,0b \n" /* handle partial completion */ 272 - " ahi %0,%h6\n" 273 - "2: ahi %0,%h7\n" 274 - "3:\n" 275 - EX_TABLE(0b,3b) EX_TABLE(1b,2b) 276 - : "=d" (ret), "+a" (__src), "+d" (__src_len) 277 - : "d" (__func), "a" (__param), "0" (-EFAULT), 278 - "K" (ENOSYS), "K" (-ENOSYS + EFAULT) : "cc", "memory"); 131 + : "d" (__func), "a" (__param), "0" (-1) : "cc", "memory"); 279 132 if (ret < 0) 280 133 return ret; 281 134 return (func & CRYPT_S390_FUNC_MASK) ? src_len - __src_len : __src_len; 282 135 } 283 136 284 137 /** 285 - * Tests if a specific crypto function is implemented on the machine. 286 - * @param func: the function code of the specific function; 0 if op in general 287 - * @return 1 if func available; 0 if func or op in general not available 138 + * crypt_s390_kmc: 139 + * @func: the function code passed to KM; see crypt_s390_kmc_func 140 + * @param: address of parameter block; see POP for details on each func 141 + * @dest: address of destination memory area 142 + * @src: address of source memory area 143 + * @src_len: length of src operand in bytes 144 + * 145 + * Executes the KMC (CIPHER MESSAGE WITH CHAINING) operation of the CPU. 146 + * 147 + * Returns -1 for failure, 0 for the query func, number of processed 148 + * bytes for encryption/decryption funcs 288 149 */ 289 - static inline int 290 - crypt_s390_func_available(int func) 150 + static inline int crypt_s390_kmc(long func, void *param, 151 + u8 *dest, const u8 *src, long src_len) 291 152 { 153 + register long __func asm("0") = func & CRYPT_S390_FUNC_MASK; 154 + register void *__param asm("1") = param; 155 + register const u8 *__src asm("2") = src; 156 + register long __src_len asm("3") = src_len; 157 + register u8 *__dest asm("4") = dest; 292 158 int ret; 293 159 294 - struct crypt_s390_query_status status = { 295 - .high = 0, 296 - .low = 0 297 - }; 298 - switch (func & CRYPT_S390_OP_MASK){ 299 - case CRYPT_S390_KM: 300 - ret = crypt_s390_km(KM_QUERY, &status, NULL, NULL, 0); 301 - break; 302 - case CRYPT_S390_KMC: 303 - ret = crypt_s390_kmc(KMC_QUERY, &status, NULL, NULL, 0); 304 - break; 305 - case CRYPT_S390_KIMD: 306 - ret = crypt_s390_kimd(KIMD_QUERY, &status, NULL, 0); 307 - break; 308 - case CRYPT_S390_KLMD: 309 - ret = crypt_s390_klmd(KLMD_QUERY, &status, NULL, 0); 310 - break; 311 - case CRYPT_S390_KMAC: 312 - ret = crypt_s390_kmac(KMAC_QUERY, &status, NULL, 0); 313 - break; 314 - default: 315 - ret = 0; 316 - return ret; 317 - } 318 - if (ret >= 0){ 319 - func &= CRYPT_S390_FUNC_MASK; 320 - func &= 0x7f; //mask modifier bit 321 - if (func < 64){ 322 - ret = (status.high >> (64 - func - 1)) & 0x1; 323 - } else { 324 - ret = (status.low >> (128 - func - 1)) & 0x1; 325 - } 326 - } else { 327 - ret = 0; 328 - } 329 - return ret; 160 + asm volatile( 161 + "0: .insn rre,0xb92f0000,%3,%1 \n" /* KMC opcode */ 162 + "1: brc 1,0b \n" /* handle partial completion */ 163 + " la %0,0\n" 164 + "2:\n" 165 + EX_TABLE(0b,2b) EX_TABLE(1b,2b) 166 + : "=d" (ret), "+a" (__src), "+d" (__src_len), "+a" (__dest) 167 + : "d" (__func), "a" (__param), "0" (-1) : "cc", "memory"); 168 + if (ret < 0) 169 + return ret; 170 + return (func & CRYPT_S390_FUNC_MASK) ? src_len - __src_len : __src_len; 330 171 } 331 172 332 - #endif // _CRYPTO_ARCH_S390_CRYPT_S390_H 173 + /** 174 + * crypt_s390_kimd: 175 + * @func: the function code passed to KM; see crypt_s390_kimd_func 176 + * @param: address of parameter block; see POP for details on each func 177 + * @src: address of source memory area 178 + * @src_len: length of src operand in bytes 179 + * 180 + * Executes the KIMD (COMPUTE INTERMEDIATE MESSAGE DIGEST) operation 181 + * of the CPU. 182 + * 183 + * Returns -1 for failure, 0 for the query func, number of processed 184 + * bytes for digest funcs 185 + */ 186 + static inline int crypt_s390_kimd(long func, void *param, 187 + const u8 *src, long src_len) 188 + { 189 + register long __func asm("0") = func & CRYPT_S390_FUNC_MASK; 190 + register void *__param asm("1") = param; 191 + register const u8 *__src asm("2") = src; 192 + register long __src_len asm("3") = src_len; 193 + int ret; 194 + 195 + asm volatile( 196 + "0: .insn rre,0xb93e0000,%1,%1 \n" /* KIMD opcode */ 197 + "1: brc 1,0b \n" /* handle partial completion */ 198 + " la %0,0\n" 199 + "2:\n" 200 + EX_TABLE(0b,2b) EX_TABLE(1b,2b) 201 + : "=d" (ret), "+a" (__src), "+d" (__src_len) 202 + : "d" (__func), "a" (__param), "0" (-1) : "cc", "memory"); 203 + if (ret < 0) 204 + return ret; 205 + return (func & CRYPT_S390_FUNC_MASK) ? src_len - __src_len : __src_len; 206 + } 207 + 208 + /** 209 + * crypt_s390_klmd: 210 + * @func: the function code passed to KM; see crypt_s390_klmd_func 211 + * @param: address of parameter block; see POP for details on each func 212 + * @src: address of source memory area 213 + * @src_len: length of src operand in bytes 214 + * 215 + * Executes the KLMD (COMPUTE LAST MESSAGE DIGEST) operation of the CPU. 216 + * 217 + * Returns -1 for failure, 0 for the query func, number of processed 218 + * bytes for digest funcs 219 + */ 220 + static inline int crypt_s390_klmd(long func, void *param, 221 + const u8 *src, long src_len) 222 + { 223 + register long __func asm("0") = func & CRYPT_S390_FUNC_MASK; 224 + register void *__param asm("1") = param; 225 + register const u8 *__src asm("2") = src; 226 + register long __src_len asm("3") = src_len; 227 + int ret; 228 + 229 + asm volatile( 230 + "0: .insn rre,0xb93f0000,%1,%1 \n" /* KLMD opcode */ 231 + "1: brc 1,0b \n" /* handle partial completion */ 232 + " la %0,0\n" 233 + "2:\n" 234 + EX_TABLE(0b,2b) EX_TABLE(1b,2b) 235 + : "=d" (ret), "+a" (__src), "+d" (__src_len) 236 + : "d" (__func), "a" (__param), "0" (-1) : "cc", "memory"); 237 + if (ret < 0) 238 + return ret; 239 + return (func & CRYPT_S390_FUNC_MASK) ? src_len - __src_len : __src_len; 240 + } 241 + 242 + /** 243 + * crypt_s390_kmac: 244 + * @func: the function code passed to KM; see crypt_s390_klmd_func 245 + * @param: address of parameter block; see POP for details on each func 246 + * @src: address of source memory area 247 + * @src_len: length of src operand in bytes 248 + * 249 + * Executes the KMAC (COMPUTE MESSAGE AUTHENTICATION CODE) operation 250 + * of the CPU. 251 + * 252 + * Returns -1 for failure, 0 for the query func, number of processed 253 + * bytes for digest funcs 254 + */ 255 + static inline int crypt_s390_kmac(long func, void *param, 256 + const u8 *src, long src_len) 257 + { 258 + register long __func asm("0") = func & CRYPT_S390_FUNC_MASK; 259 + register void *__param asm("1") = param; 260 + register const u8 *__src asm("2") = src; 261 + register long __src_len asm("3") = src_len; 262 + int ret; 263 + 264 + asm volatile( 265 + "0: .insn rre,0xb91e0000,%1,%1 \n" /* KLAC opcode */ 266 + "1: brc 1,0b \n" /* handle partial completion */ 267 + " la %0,0\n" 268 + "2:\n" 269 + EX_TABLE(0b,2b) EX_TABLE(1b,2b) 270 + : "=d" (ret), "+a" (__src), "+d" (__src_len) 271 + : "d" (__func), "a" (__param), "0" (-1) : "cc", "memory"); 272 + if (ret < 0) 273 + return ret; 274 + return (func & CRYPT_S390_FUNC_MASK) ? src_len - __src_len : __src_len; 275 + } 276 + 277 + /** 278 + * crypt_s390_func_available: 279 + * @func: the function code of the specific function; 0 if op in general 280 + * 281 + * Tests if a specific crypto function is implemented on the machine. 282 + * 283 + * Returns 1 if func available; 0 if func or op in general not available 284 + */ 285 + static inline int crypt_s390_func_available(int func) 286 + { 287 + unsigned char status[16]; 288 + int ret; 289 + 290 + switch (func & CRYPT_S390_OP_MASK) { 291 + case CRYPT_S390_KM: 292 + ret = crypt_s390_km(KM_QUERY, &status, NULL, NULL, 0); 293 + break; 294 + case CRYPT_S390_KMC: 295 + ret = crypt_s390_kmc(KMC_QUERY, &status, NULL, NULL, 0); 296 + break; 297 + case CRYPT_S390_KIMD: 298 + ret = crypt_s390_kimd(KIMD_QUERY, &status, NULL, 0); 299 + break; 300 + case CRYPT_S390_KLMD: 301 + ret = crypt_s390_klmd(KLMD_QUERY, &status, NULL, 0); 302 + break; 303 + case CRYPT_S390_KMAC: 304 + ret = crypt_s390_kmac(KMAC_QUERY, &status, NULL, 0); 305 + break; 306 + default: 307 + return 0; 308 + } 309 + if (ret < 0) 310 + return 0; 311 + func &= CRYPT_S390_FUNC_MASK; 312 + func &= 0x7f; /* mask modifier bit */ 313 + return (status[func >> 3] & (0x80 >> (func & 7))) != 0; 314 + } 315 + 316 + #endif /* _CRYPTO_ARCH_S390_CRYPT_S390_H */

-129

arch/s390/crypto/crypt_s390_query.c

··· 1 - /* 2 - * Cryptographic API. 3 - * 4 - * Support for s390 cryptographic instructions. 5 - * Testing module for querying processor crypto capabilities. 6 - * 7 - * Copyright (c) 2003 IBM Deutschland Entwicklung GmbH, IBM Corporation 8 - * Author(s): Thomas Spatzier (tspat@de.ibm.com) 9 - * 10 - * This program is free software; you can redistribute it and/or modify it 11 - * under the terms of the GNU General Public License as published by the Free 12 - * Software Foundation; either version 2 of the License, or (at your option) 13 - * any later version. 14 - * 15 - */ 16 - #include <linux/module.h> 17 - #include <linux/init.h> 18 - #include <linux/kernel.h> 19 - #include <asm/errno.h> 20 - #include "crypt_s390.h" 21 - 22 - static void query_available_functions(void) 23 - { 24 - printk(KERN_INFO "#####################\n"); 25 - 26 - /* query available KM functions */ 27 - printk(KERN_INFO "KM_QUERY: %d\n", 28 - crypt_s390_func_available(KM_QUERY)); 29 - printk(KERN_INFO "KM_DEA: %d\n", 30 - crypt_s390_func_available(KM_DEA_ENCRYPT)); 31 - printk(KERN_INFO "KM_TDEA_128: %d\n", 32 - crypt_s390_func_available(KM_TDEA_128_ENCRYPT)); 33 - printk(KERN_INFO "KM_TDEA_192: %d\n", 34 - crypt_s390_func_available(KM_TDEA_192_ENCRYPT)); 35 - printk(KERN_INFO "KM_AES_128: %d\n", 36 - crypt_s390_func_available(KM_AES_128_ENCRYPT)); 37 - printk(KERN_INFO "KM_AES_192: %d\n", 38 - crypt_s390_func_available(KM_AES_192_ENCRYPT)); 39 - printk(KERN_INFO "KM_AES_256: %d\n", 40 - crypt_s390_func_available(KM_AES_256_ENCRYPT)); 41 - 42 - /* query available KMC functions */ 43 - printk(KERN_INFO "KMC_QUERY: %d\n", 44 - crypt_s390_func_available(KMC_QUERY)); 45 - printk(KERN_INFO "KMC_DEA: %d\n", 46 - crypt_s390_func_available(KMC_DEA_ENCRYPT)); 47 - printk(KERN_INFO "KMC_TDEA_128: %d\n", 48 - crypt_s390_func_available(KMC_TDEA_128_ENCRYPT)); 49 - printk(KERN_INFO "KMC_TDEA_192: %d\n", 50 - crypt_s390_func_available(KMC_TDEA_192_ENCRYPT)); 51 - printk(KERN_INFO "KMC_AES_128: %d\n", 52 - crypt_s390_func_available(KMC_AES_128_ENCRYPT)); 53 - printk(KERN_INFO "KMC_AES_192: %d\n", 54 - crypt_s390_func_available(KMC_AES_192_ENCRYPT)); 55 - printk(KERN_INFO "KMC_AES_256: %d\n", 56 - crypt_s390_func_available(KMC_AES_256_ENCRYPT)); 57 - 58 - /* query available KIMD functions */ 59 - printk(KERN_INFO "KIMD_QUERY: %d\n", 60 - crypt_s390_func_available(KIMD_QUERY)); 61 - printk(KERN_INFO "KIMD_SHA_1: %d\n", 62 - crypt_s390_func_available(KIMD_SHA_1)); 63 - printk(KERN_INFO "KIMD_SHA_256: %d\n", 64 - crypt_s390_func_available(KIMD_SHA_256)); 65 - 66 - /* query available KLMD functions */ 67 - printk(KERN_INFO "KLMD_QUERY: %d\n", 68 - crypt_s390_func_available(KLMD_QUERY)); 69 - printk(KERN_INFO "KLMD_SHA_1: %d\n", 70 - crypt_s390_func_available(KLMD_SHA_1)); 71 - printk(KERN_INFO "KLMD_SHA_256: %d\n", 72 - crypt_s390_func_available(KLMD_SHA_256)); 73 - 74 - /* query available KMAC functions */ 75 - printk(KERN_INFO "KMAC_QUERY: %d\n", 76 - crypt_s390_func_available(KMAC_QUERY)); 77 - printk(KERN_INFO "KMAC_DEA: %d\n", 78 - crypt_s390_func_available(KMAC_DEA)); 79 - printk(KERN_INFO "KMAC_TDEA_128: %d\n", 80 - crypt_s390_func_available(KMAC_TDEA_128)); 81 - printk(KERN_INFO "KMAC_TDEA_192: %d\n", 82 - crypt_s390_func_available(KMAC_TDEA_192)); 83 - } 84 - 85 - static int init(void) 86 - { 87 - struct crypt_s390_query_status status = { 88 - .high = 0, 89 - .low = 0 90 - }; 91 - 92 - printk(KERN_INFO "crypt_s390: querying available crypto functions\n"); 93 - crypt_s390_km(KM_QUERY, &status, NULL, NULL, 0); 94 - printk(KERN_INFO "KM:\t%016llx %016llx\n", 95 - (unsigned long long) status.high, 96 - (unsigned long long) status.low); 97 - status.high = status.low = 0; 98 - crypt_s390_kmc(KMC_QUERY, &status, NULL, NULL, 0); 99 - printk(KERN_INFO "KMC:\t%016llx %016llx\n", 100 - (unsigned long long) status.high, 101 - (unsigned long long) status.low); 102 - status.high = status.low = 0; 103 - crypt_s390_kimd(KIMD_QUERY, &status, NULL, 0); 104 - printk(KERN_INFO "KIMD:\t%016llx %016llx\n", 105 - (unsigned long long) status.high, 106 - (unsigned long long) status.low); 107 - status.high = status.low = 0; 108 - crypt_s390_klmd(KLMD_QUERY, &status, NULL, 0); 109 - printk(KERN_INFO "KLMD:\t%016llx %016llx\n", 110 - (unsigned long long) status.high, 111 - (unsigned long long) status.low); 112 - status.high = status.low = 0; 113 - crypt_s390_kmac(KMAC_QUERY, &status, NULL, 0); 114 - printk(KERN_INFO "KMAC:\t%016llx %016llx\n", 115 - (unsigned long long) status.high, 116 - (unsigned long long) status.low); 117 - 118 - query_available_functions(); 119 - return -ECANCELED; 120 - } 121 - 122 - static void __exit cleanup(void) 123 - { 124 - } 125 - 126 - module_init(init); 127 - module_exit(cleanup); 128 - 129 - MODULE_LICENSE("GPL");

+3 -2

arch/s390/crypto/des_check_key.c

··· 10 10 * scatterlist interface. Changed LGPL to GPL per section 3 of the LGPL. 11 11 * 12 12 * s390 Version: 13 - * Copyright (C) 2003 IBM Deutschland GmbH, IBM Corporation 14 - * Author(s): Thomas Spatzier (tspat@de.ibm.com) 13 + * Copyright IBM Corp. 2003 14 + * Author(s): Thomas Spatzier 15 + * Jan Glauber (jan.glauber@de.ibm.com) 15 16 * 16 17 * Derived from "crypto/des.c" 17 18 * Copyright (c) 1992 Dana L. How.

+4 -4

arch/s390/crypto/des_s390.c

··· 3 3 * 4 4 * s390 implementation of the DES Cipher Algorithm. 5 5 * 6 - * Copyright (c) 2003 IBM Deutschland Entwicklung GmbH, IBM Corporation 7 - * Author(s): Thomas Spatzier (tspat@de.ibm.com) 8 - * 6 + * Copyright IBM Corp. 2003,2007 7 + * Author(s): Thomas Spatzier 8 + * Jan Glauber (jan.glauber@de.ibm.com) 9 9 * 10 10 * This program is free software; you can redistribute it and/or modify 11 11 * it under the terms of the GNU General Public License as published by ··· 557 557 if (!crypt_s390_func_available(KM_DEA_ENCRYPT) || 558 558 !crypt_s390_func_available(KM_TDEA_128_ENCRYPT) || 559 559 !crypt_s390_func_available(KM_TDEA_192_ENCRYPT)) 560 - return -ENOSYS; 560 + return -EOPNOTSUPP; 561 561 562 562 ret = crypto_register_alg(&des_alg); 563 563 if (ret)

+37 -46

arch/s390/crypto/sha1_s390.c

··· 8 8 * implementation written by Steve Reid. 9 9 * 10 10 * s390 Version: 11 - * Copyright (C) 2003 IBM Deutschland GmbH, IBM Corporation 12 - * Author(s): Thomas Spatzier (tspat@de.ibm.com) 11 + * Copyright IBM Corp. 2003,2007 12 + * Author(s): Thomas Spatzier 13 + * Jan Glauber (jan.glauber@de.ibm.com) 13 14 * 14 15 * Derived from "crypto/sha1.c" 15 16 * Copyright (c) Alan Smithee. ··· 44 43 static void sha1_init(struct crypto_tfm *tfm) 45 44 { 46 45 struct crypt_s390_sha1_ctx *ctx = crypto_tfm_ctx(tfm); 47 - static const u32 initstate[5] = { 48 - 0x67452301, 49 - 0xEFCDAB89, 50 - 0x98BADCFE, 51 - 0x10325476, 52 - 0xC3D2E1F0 53 - }; 46 + 47 + ctx->state[0] = 0x67452301; 48 + ctx->state[1] = 0xEFCDAB89; 49 + ctx->state[2] = 0x98BADCFE; 50 + ctx->state[3] = 0x10325476; 51 + ctx->state[4] = 0xC3D2E1F0; 54 52 55 53 ctx->count = 0; 56 - memcpy(ctx->state, &initstate, sizeof(initstate)); 57 54 ctx->buf_len = 0; 58 55 } 59 56 ··· 62 63 long imd_len; 63 64 64 65 sctx = crypto_tfm_ctx(tfm); 65 - sctx->count += len * 8; //message bit length 66 + sctx->count += len * 8; /* message bit length */ 66 67 67 - //anything in buffer yet? -> must be completed 68 + /* anything in buffer yet? -> must be completed */ 68 69 if (sctx->buf_len && (sctx->buf_len + len) >= SHA1_BLOCK_SIZE) { 69 - //complete full block and hash 70 + /* complete full block and hash */ 70 71 memcpy(sctx->buffer + sctx->buf_len, data, 71 - SHA1_BLOCK_SIZE - sctx->buf_len); 72 + SHA1_BLOCK_SIZE - sctx->buf_len); 72 73 crypt_s390_kimd(KIMD_SHA_1, sctx->state, sctx->buffer, 73 74 SHA1_BLOCK_SIZE); 74 75 data += SHA1_BLOCK_SIZE - sctx->buf_len; ··· 76 77 sctx->buf_len = 0; 77 78 } 78 79 79 - //rest of data contains full blocks? 80 + /* rest of data contains full blocks? */ 80 81 imd_len = len & ~0x3ful; 81 - if (imd_len){ 82 + if (imd_len) { 82 83 crypt_s390_kimd(KIMD_SHA_1, sctx->state, data, imd_len); 83 84 data += imd_len; 84 85 len -= imd_len; 85 86 } 86 - //anything left? store in buffer 87 - if (len){ 87 + /* anything left? store in buffer */ 88 + if (len) { 88 89 memcpy(sctx->buffer + sctx->buf_len , data, len); 89 90 sctx->buf_len += len; 90 91 } 91 92 } 92 93 93 94 94 - static void 95 - pad_message(struct crypt_s390_sha1_ctx* sctx) 95 + static void pad_message(struct crypt_s390_sha1_ctx* sctx) 96 96 { 97 97 int index; 98 98 99 99 index = sctx->buf_len; 100 - sctx->buf_len = (sctx->buf_len < 56)? 101 - SHA1_BLOCK_SIZE:2 * SHA1_BLOCK_SIZE; 102 - //start pad with 1 100 + sctx->buf_len = (sctx->buf_len < 56) ? 101 + SHA1_BLOCK_SIZE:2 * SHA1_BLOCK_SIZE; 102 + /* start pad with 1 */ 103 103 sctx->buffer[index] = 0x80; 104 - //pad with zeros 104 + /* pad with zeros */ 105 105 index++; 106 106 memset(sctx->buffer + index, 0x00, sctx->buf_len - index); 107 - //append length 107 + /* append length */ 108 108 memcpy(sctx->buffer + sctx->buf_len - 8, &sctx->count, 109 - sizeof sctx->count); 109 + sizeof sctx->count); 110 110 } 111 111 112 112 /* Add padding and return the message digest. */ ··· 113 115 { 114 116 struct crypt_s390_sha1_ctx *sctx = crypto_tfm_ctx(tfm); 115 117 116 - //must perform manual padding 118 + /* must perform manual padding */ 117 119 pad_message(sctx); 118 120 crypt_s390_kimd(KIMD_SHA_1, sctx->state, sctx->buffer, sctx->buf_len); 119 - //copy digest to out 121 + /* copy digest to out */ 120 122 memcpy(out, sctx->state, SHA1_DIGEST_SIZE); 121 - /* Wipe context */ 123 + /* wipe context */ 122 124 memset(sctx, 0, sizeof *sctx); 123 125 } 124 126 125 127 static struct crypto_alg alg = { 126 128 .cra_name = "sha1", 127 - .cra_driver_name = "sha1-s390", 129 + .cra_driver_name= "sha1-s390", 128 130 .cra_priority = CRYPT_S390_PRIORITY, 129 131 .cra_flags = CRYPTO_ALG_TYPE_DIGEST, 130 132 .cra_blocksize = SHA1_BLOCK_SIZE, 131 133 .cra_ctxsize = sizeof(struct crypt_s390_sha1_ctx), 132 134 .cra_module = THIS_MODULE, 133 - .cra_list = LIST_HEAD_INIT(alg.cra_list), 135 + .cra_list = LIST_HEAD_INIT(alg.cra_list), 134 136 .cra_u = { .digest = { 135 137 .dia_digestsize = SHA1_DIGEST_SIZE, 136 - .dia_init = sha1_init, 137 - .dia_update = sha1_update, 138 - .dia_final = sha1_final } } 138 + .dia_init = sha1_init, 139 + .dia_update = sha1_update, 140 + .dia_final = sha1_final } } 139 141 }; 140 142 141 - static int 142 - init(void) 143 + static int __init init(void) 143 144 { 144 - int ret = -ENOSYS; 145 + if (!crypt_s390_func_available(KIMD_SHA_1)) 146 + return -EOPNOTSUPP; 145 147 146 - if (crypt_s390_func_available(KIMD_SHA_1)){ 147 - ret = crypto_register_alg(&alg); 148 - if (ret == 0){ 149 - printk(KERN_INFO "crypt_s390: sha1_s390 loaded.\n"); 150 - } 151 - } 152 - return ret; 148 + return crypto_register_alg(&alg); 153 149 } 154 150 155 - static void __exit 156 - fini(void) 151 + static void __exit fini(void) 157 152 { 158 153 crypto_unregister_alg(&alg); 159 154 }

+3 -8

arch/s390/crypto/sha256_s390.c

··· 4 4 * s390 implementation of the SHA256 Secure Hash Algorithm. 5 5 * 6 6 * s390 Version: 7 - * Copyright (C) 2005 IBM Deutschland GmbH, IBM Corporation 7 + * Copyright IBM Corp. 2005,2007 8 8 * Author(s): Jan Glauber (jang@de.ibm.com) 9 9 * 10 10 * Derived from "crypto/sha256.c" ··· 143 143 144 144 static int init(void) 145 145 { 146 - int ret; 147 - 148 146 if (!crypt_s390_func_available(KIMD_SHA_256)) 149 - return -ENOSYS; 147 + return -EOPNOTSUPP; 150 148 151 - ret = crypto_register_alg(&alg); 152 - if (ret != 0) 153 - printk(KERN_INFO "crypt_s390: sha256_s390 couldn't be loaded."); 154 - return ret; 149 + return crypto_register_alg(&alg); 155 150 } 156 151 157 152 static void __exit fini(void)

+4 -4

arch/s390/defconfig

··· 724 724 # CONFIG_CRYPTO_MD4 is not set 725 725 # CONFIG_CRYPTO_MD5 is not set 726 726 # CONFIG_CRYPTO_SHA1 is not set 727 - # CONFIG_CRYPTO_SHA1_S390 is not set 728 727 # CONFIG_CRYPTO_SHA256 is not set 729 - # CONFIG_CRYPTO_SHA256_S390 is not set 730 728 # CONFIG_CRYPTO_SHA512 is not set 731 729 # CONFIG_CRYPTO_WP512 is not set 732 730 # CONFIG_CRYPTO_TGR192 is not set ··· 733 735 CONFIG_CRYPTO_CBC=y 734 736 # CONFIG_CRYPTO_LRW is not set 735 737 # CONFIG_CRYPTO_DES is not set 736 - # CONFIG_CRYPTO_DES_S390 is not set 737 738 # CONFIG_CRYPTO_BLOWFISH is not set 738 739 # CONFIG_CRYPTO_TWOFISH is not set 739 740 # CONFIG_CRYPTO_SERPENT is not set 740 741 # CONFIG_CRYPTO_AES is not set 741 - # CONFIG_CRYPTO_AES_S390 is not set 742 742 # CONFIG_CRYPTO_CAST5 is not set 743 743 # CONFIG_CRYPTO_CAST6 is not set 744 744 # CONFIG_CRYPTO_TEA is not set ··· 751 755 # 752 756 # Hardware crypto devices 753 757 # 758 + # CONFIG_CRYPTO_SHA1_S390 is not set 759 + # CONFIG_CRYPTO_SHA256_S390 is not set 760 + # CONFIG_CRYPTO_DES_S390 is not set 761 + # CONFIG_CRYPTO_AES_S390 is not set 754 762 755 763 # 756 764 # Library routines

-49

crypto/Kconfig

··· 74 74 help 75 75 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). 76 76 77 - config CRYPTO_SHA1_S390 78 - tristate "SHA1 digest algorithm (s390)" 79 - depends on S390 80 - select CRYPTO_ALGAPI 81 - help 82 - This is the s390 hardware accelerated implementation of the 83 - SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). 84 - 85 77 config CRYPTO_SHA256 86 78 tristate "SHA256 digest algorithm" 87 79 select CRYPTO_ALGAPI 88 80 help 89 81 SHA256 secure hash standard (DFIPS 180-2). 90 82 91 - This version of SHA implements a 256 bit hash with 128 bits of 92 - security against collision attacks. 93 - 94 - config CRYPTO_SHA256_S390 95 - tristate "SHA256 digest algorithm (s390)" 96 - depends on S390 97 - select CRYPTO_ALGAPI 98 - help 99 - This is the s390 hardware accelerated implementation of the 100 - SHA256 secure hash standard (DFIPS 180-2). 101 - 102 83 This version of SHA implements a 256 bit hash with 128 bits of 103 84 security against collision attacks. 104 85 ··· 165 184 config CRYPTO_DES 166 185 tristate "DES and Triple DES EDE cipher algorithms" 167 186 select CRYPTO_ALGAPI 168 - help 169 - DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). 170 - 171 - config CRYPTO_DES_S390 172 - tristate "DES and Triple DES cipher algorithms (s390)" 173 - depends on S390 174 - select CRYPTO_ALGAPI 175 - select CRYPTO_BLKCIPHER 176 187 help 177 188 DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). 178 189 ··· 308 335 The AES specifies three key sizes: 128, 192 and 256 bits 309 336 310 337 See <http://csrc.nist.gov/encryption/aes/> for more information. 311 - 312 - config CRYPTO_AES_S390 313 - tristate "AES cipher algorithms (s390)" 314 - depends on S390 315 - select CRYPTO_ALGAPI 316 - select CRYPTO_BLKCIPHER 317 - help 318 - This is the s390 hardware accelerated implementation of the 319 - AES cipher algorithms (FIPS-197). AES uses the Rijndael 320 - algorithm. 321 - 322 - Rijndael appears to be consistently a very good performer in 323 - both hardware and software across a wide range of computing 324 - environments regardless of its use in feedback or non-feedback 325 - modes. Its key setup time is excellent, and its key agility is 326 - good. Rijndael's very low memory requirements make it very well 327 - suited for restricted-space environments, in which it also 328 - demonstrates excellent performance. Rijndael's operations are 329 - among the easiest to defend against power and timing attacks. 330 - 331 - On s390 the System z9-109 currently only supports the key size 332 - of 128 bit. 333 338 334 339 config CRYPTO_CAST5 335 340 tristate "CAST5 (CAST-128) cipher algorithm"